Cyber Managed Services - Vulnerability Management - Associate Analyst Ey
Dallas, TX

Job Description

.

Description:

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Job Summary:

Cyber threats continue to evolve and pose serious risks within the business environment. EY's Cybersecurity as a Service (CaaS) offering addresses the ongoing operational requirements through the following services:

* Threat Detection and Response


* Threat Exposure Management


* Identity & Access Management


* Data Protection



Clients retain CaaS to defend their environment and respond when threats are detected. As a CaaS security professional you will belong to a globally connected team of security professional delivering 24x7 services from our Dallas Cyber Center.

What this means for you

At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in "building a more secure and trusted working world," being part of a dynamic team, serving clients and reaching your full potential, EY Advisory Services is for you. Apply today!

Key Responsibilities:

* Use vulnerability scanning tools, application security testing solutions and network assessment utilizes to identify security vulnerabilities


* Review and prioritize the severity of vulnerabilities using CVSS and custom risk models


* Assist in the analysis of vulnerabilities to identify to determine severity and risk to client environments


* Log and track vulnerabilities from discovery through to remediation using workflow and ticketing systems


* Assist in maintaining asset, configuration management and vulnerability databases


* Perform discovery scans to identify new assets and communicate results to Tier-2 Analysts


* Generate consolidated reports based on vulnerability scan results to help identify necessary remediation tasks


* Perform custom data processing and scripting to aid and cross check vulnerability reports and automation


* Monitor generation and distribution of reporting dashboard to identify anomalies and ensure timely reporting


* Monitor health of scanning engines and agents and identify connectivity issues


* Perform troubleshooting of issues with network scanning and security assessment tools


* Provide timely, comprehensive and accurate information to Tier-2 Analyst in both written and verbal communications


* Proactively research and monitor security-related information sources to aid in vulnerability discovery



To qualify, candidates must have:

* Bachelor Degree in Computer Science, Mathematics, Engineering or other related area of study preferred but not mandatory


* Working knowledge/experience of network systems, security principles, and applications


* Thorough hands-on experience with vulnerability scanning tools such as Qualys, Rapid7 -Nexpose, or Tenable - Nessus, etc.


* Experience with ticketing systems e.g. Service Now or Remedy


* Exposure to SIEM, configuration management, or log analytics/event correlation solutions


* Familiar with service discovery tools such as Nmap, Wireshark, etc.


* Knowledge of and experience with applying Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS)


* Experience performing data processing using common programming languages (Ruby, Python, Bash, Power Shell, etc.) and querying SQL/NoSQL databases


* Exposure to vulnerability management, patch management, and configuration management best practices


* Familiarity with multiple operating systems: Unix/Linux/Windows


* Security+ and Network+ or other similar demonstrated experience preferred



EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.